Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: qva+KLCDy2X4x3A4h5LGMW013bHT242Pqga4tnl9Qfk=
Subject key identifier: 8B:16:7A:8E:7C:58:1E:CC:28:87:9B:F9:47:7D:FF:75:7E:23:2C:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 739FDA01987A61FFB84D2A9D999D37F3698FDD03
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Tue 05 Aug 2025 20:30:22 +0000
ROA not before: Tue 05 Aug 2025 20:30:22 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9f:da:01:98:7a:61:ff:b8:4d:2a:9d:99:9d:37:f3:69:8f:dd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:22 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8f5c2367aae37d908c84675689911fd3e802d658e64f5de6605ef54e9272f219, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:16:4e:a0:f8:fd:fd:c0:f5:09:02:db:29:0d:
85:b9:cc:d7:c2:97:69:1f:66:92:e8:6d:ef:38:0b:
aa:01:86:a8:38:b5:38:d6:ee:78:c0:1a:95:f8:32:
25:59:a8:2f:ba:86:9e:6a:1d:ff:98:ca:08:71:e6:
75:04:ad:9a:18:20:6f:47:92:76:22:ef:db:0c:c9:
6b:fc:06:68:b4:73:8a:d3:fe:89:6a:01:0a:92:8e:
b9:f3:87:34:7b:06:e1:04:1c:9b:d6:5e:c8:5f:41:
74:52:66:53:db:4c:31:4e:f1:b9:85:03:1b:bd:aa:
9d:aa:3a:c6:59:88:ca:aa:62:33:73:eb:0e:c6:02:
64:42:7c:15:2f:2c:75:b2:ea:f8:47:b0:37:ec:41:
c0:cf:c8:ee:b7:21:14:85:ca:80:9a:e4:79:db:2f:
9e:bf:7c:d3:0b:f1:08:25:bc:6d:47:00:fc:77:0e:
36:63:61:04:2b:95:0d:b0:7c:08:1f:f4:3f:7f:ca:
fc:ca:f9:e3:7c:39:e0:c6:c3:0d:c8:f8:c9:03:82:
82:fd:e3:99:16:1e:11:f7:c2:a4:90:74:5b:46:51:
50:a7:66:28:4f:cb:8a:fa:05:08:b2:e3:c3:a1:5e:
7c:09:43:4c:f1:96:0e:55:7d:24:fb:6f:0a:b7:9c:
74:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:16:7A:8E:7C:58:1E:CC:28:87:9B:F9:47:7D:FF:75:7E:23:2C:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3d:a0:13:3b:43:f2:ff:f2:91:1b:1e:de:b5:63:22:ed:c3:d9:
14:c3:5c:7d:7f:76:a2:ce:9a:17:71:13:83:a7:81:82:3e:29:
03:1a:0f:31:72:79:20:5c:e1:63:6d:63:48:95:75:eb:93:e7:
bd:77:75:16:07:c9:27:4a:24:31:19:28:83:4b:27:0a:03:6a:
87:90:9b:fd:8a:2d:43:ae:97:8f:ae:67:9b:9d:4e:5d:9b:5a:
93:18:4a:5f:ca:26:9f:0e:8d:56:0e:a1:4b:73:8e:91:a5:f9:
ae:03:ae:5b:ee:5d:fb:38:bc:bc:6b:58:cf:bc:bf:94:ee:17:
76:50:43:36:1a:e5:fd:5f:a9:ff:e0:aa:75:2e:15:ca:0a:1f:
be:54:c1:29:b7:b6:ea:bf:80:39:9b:3d:af:72:f6:e8:6b:c2:
e3:2b:2a:b7:7d:bb:a0:84:1a:12:15:b5:8b:53:88:e9:1f:4b:
96:e6:a2:11:db:7b:84:47:9f:24:82:22:5a:27:f7:e5:f8:8f:
f7:7d:92:36:25:fe:cf:d7:c0:d0:71:2a:36:c4:76:d1:0c:ec:
a4:c8:43:26:56:5a:41:ce:7e:b5:e2:0a:73:a4:be:39:8c:46:
8b:b5:f5:b8:5b:69:eb:48:54:8f:c1:bf:6d:b5:ce:0b:6e:f1:
7f:e4:7a:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc5/aAZh6Yf+4TSqdmZ0382mP3QMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMjJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNWMyMzY3YWFlMzdkOTA4Yzg0Njc1Njg5OTExZmQzZTgwMmQ2NThlNjRm
NWRlNjYwNWVmNTRlOTI3MmYyMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAWTqD4/f3A9QkC2ykNhbnM18KXaR9mkuht7zgLqgGGqDi1ONbueMAalfgy
JVmoL7qGnmod/5jKCHHmdQStmhggb0eSdiLv2wzJa/wGaLRzitP+iWoBCpKOufOH
NHsG4QQcm9ZeyF9BdFJmU9tMMU7xuYUDG72qnao6xlmIyqpiM3PrDsYCZEJ8FS8s
dbLq+EewN+xBwM/I7rchFIXKgJrkedsvnr980wvxCCW8bUcA/HcONmNhBCuVDbB8
CB/0P3/K/Mr543w54MbDDcj4yQOCgv3jmRYeEffCpJB0W0ZRUKdmKE/LivoFCLLj
w6FefAlDTPGWDlV9JPtvCrecdM0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLFnqO
fFgezCiHm/lHff91fiMs6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQA9oBM7Q/L/8pEbHt61YyLtw9kUw1x9f3aizpoXcROD
p4GCPikDGg8xcnkgXOFjbWNIlXXrk+e9d3UWB8knSiQxGSiDSycKA2qHkJv9ii1D
rpePrmebnU5dm1qTGEpfyiafDo1WDqFLc46RpfmuA65b7l37OLy8a1jPvL+U7hd2
UEM2GuX9X6n/4Kp1LhXKCh++VMEpt7bqv4A5mz2vcvboa8LjKyq3fbughBoSFbWL
U4jpH0uW5qIR23uER58kgiJaJ/fl+I/3fZI2Jf7P18DQcSo2xHbRDOykyEMmVlpB
zn614gpzpL45jEaLtfW4W2nrSFSPwb9ttc4LbvF/5HqI
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:08 2025 by rpki-client